IBM touts encryption innovation
New technology performs calculations on encrypted data without decrypting it
Network World - IBM today said one of its researchers has made it possible for computer systems to perform calculations on encrypted data without decrypting it.
IBM says the breakthrough would let computer services, such as Google Inc. or others storing the confidential, electronic data of others, fully analyze data on their clients' behalf without expensive interaction with the client and without seeing any of the private data.
The idea is a user could search for information using encrypted search words, and get encrypted results that they could then decrypt on their own. Other potential applications include enabling filters to identify spam, even in encrypted e-mail, or protecting information contained in electronic medical records. The breakthrough might also one day enable computer users to retrieve information from a search engine with more confidentiality, IBM said.
IBM Researcher Craig Gentry calls the technology "fully homomorphic encryption," which uses a mathematical system known as an "ideal lattice," that lets people fully interact with encrypted data in ways previously thought impossible.
Using the technology could also bolster the cloud computing model where a service provider hosts the confidential data of others. It might better enable a service to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data.
"Fully homomorphic encryption is a bit like enabling a layperson to perform flawless neurosurgery while blindfolded, and without later remembering the episode. We believe this breakthrough will enable businesses to make more informed decisions, based on more studied analysis, without compromising privacy. We also think that the lattice approach holds potential for helping to solve additional cryptography challenges in the future, " said Charles Lickel, vice president of Software Research at IBM in a release.
According to an article on Forbes.com, Gentry's solution has a catch: It requires immense computational effort. In the case of a Google search, for instance, performing the process with encrypted keywords would multiply the necessary computing time by around 1 trillion, Gentry estimates.
IBM said two fathers of modern encryption -- Ron Rivest and Leonard Adleman -- together with futurist Michael Dertouzos, introduced and struggled with the notion of fully homomorphic encryption about 30 years ago. Although advances through the years offered partial solutions to this problem, a full solution that achieves all the desired properties of homomorphic encryption did not exist until now.
- The Elephant Herd in the Room: Why Other Enterprise VoIP Providers Don't Like to Talk About Compliance, Security and Reliability There's an elephant in the room. A whole herd of elephants, in fact. When it comes to compliance, security and reliability, the silence...
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Safeguarding the Next-Generation Data Center Use of virtual and cloud servers has exploded. Unfortunately, security often lags behind. McAfee recommends looking at innovative solutions in order to erect...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Regulatory Compliance White Papers | Webcasts